Uploaded image for project: 'HttpComponents HttpClient'
  1. HttpComponents HttpClient
  2. HTTPCLIENT-2134

HttpClient doesn't reuse TLS 1.2 Session

    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Resolved
    • Priority: Minor
    • Resolution: Not A Problem
    • Affects Version/s: 4.5.13, 5.0.3
    • Fix Version/s: None
    • Component/s: HttpClient (classic)

      Description

      To reproduce run on java 11+:

      java -cp ... -Djavax.net.debug=ssl:handshake TestApacheHttpClientApp

      As you can see from handshake.log file HttpClient always create new tls session.

      The root of problem is support of Extended Master Key Extension in https://github.com/openjdk/jdk/blob/jdk-11+28/src/java.base/share/classes/sun/security/ssl/ClientHello.java#L497. The standard jdk HttpURLConnection doesn't be affected this issues because of it sets chc.sslConfig.identificationProtocol equals to HTTPS by default https://github.com/openjdk/jdk/blob/jdk-11%2B28/src/java.base/share/classes/sun/net/www/protocol/https/HttpsClient.java#L560. I tried to repeat the same trick (The commented code), but due to the bugs of JDK https://bugs.openjdk.java.net/browse/JDK-8253368 and may be incorrect implementation of method org.apache.http.impl.BHttpConnectionBase.close it doesn't work.

        Attachments

        1. TestApacheHttpClientApp.java
          2 kB
          Maxim Egorov
        2. handshake.log
          45 kB
          Maxim Egorov

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              m_v_egorov Maxim Egorov
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: